Special Issue "Cybersecurity"

A special issue of Applied Sciences (ISSN 2076-3417). This special issue belongs to the section "Computing and Artificial Intelligence".

Deadline for manuscript submissions: closed (30 September 2020).

Special Issue Editors

Dr. Alberto Bartoli
E-Mail Website
Guest Editor
Department of Engineering and Architecture, University of Trieste, Trieste, Italy
Interests: cybersecurity; machine learning; information extraction
Dr. Andrea De Lorenzo
E-Mail Website
Guest Editor
Department of Engineering and Architecture, University of Trieste, 34127 Trieste, Italy
Interests: cybersecurity; machine learning; information extraction
Special Issues and Collections in MDPI journals

Special Issue Information

Dear Colleagues,

We are inviting submissions to the Special Issue titled “Cybersecurity”.

Cybersecurity is no longer a topic of interest only for computer scientists and engineers. Countless firms and companies are routinely experiencing major losses due to data breaches and the inability to execute their operations due to cyberattacks. Public services and research institutions are also constantly affected by the same issues. We invite submissions exploring not only defensive tools and mechanisms, but also proposals for assessing exposure to cyberattacks and for promoting a tradeoff between security, costs, and usability that is more aligned with the public interest. Both theoretical and experimental studies are welcome, as well as case studies, papers dealing with systematization of knowledge, and survey papers.

Prof. Alberto Bartoli
Dr. Andrea De Lorenzo
Guest Editors


Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Applied Sciences is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2000 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • malware and its mitigation
  • mobile and wireless security
  • network security
  • authentication
  • intrusion detection
  • security protocols
  • phishing
  • ransomware
  • usable security
  • security economics
  • security of industrial control systems
  • cybersecurity data analytics
  • cybersecurity applications
  • cyber operations

Published Papers (9 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

Jump to: Review

Article
PSOFuzzer: A Target-Oriented Software Vulnerability Detection Technology Based on Particle Swarm Optimization
Appl. Sci. 2021, 11(3), 1095; https://doi.org/10.3390/app11031095 - 25 Jan 2021
Viewed by 473
Abstract
Coverage-oriented and target-oriented fuzzing are widely used in vulnerability detection. Compared with coverage-oriented fuzzing, target-oriented fuzzing concentrates more computing resources on suspected vulnerable points to improve the testing efficiency. However, the sample generation algorithm used in target-oriented vulnerability detection technology has some problems, [...] Read more.
Coverage-oriented and target-oriented fuzzing are widely used in vulnerability detection. Compared with coverage-oriented fuzzing, target-oriented fuzzing concentrates more computing resources on suspected vulnerable points to improve the testing efficiency. However, the sample generation algorithm used in target-oriented vulnerability detection technology has some problems, such as weak guidance, weak sample penetration, and difficult sample generation. This paper proposes a new target-oriented fuzzer, PSOFuzzer, that uses particle swarm optimization to generate samples. PSOFuzzer can quickly learn high-quality features in historical samples and implant them into new samples that can be led to execute the suspected vulnerable point. The experimental results show that PSOFuzzer can generate more samples in the test process to reach the target point and can trigger vulnerabilities with 79% and 423% higher probability than AFLGo and Sidewinder, respectively, on tested software programs. Full article
(This article belongs to the Special Issue Cybersecurity)
Show Figures

Figure 1

Article
ID-Service: A Blockchain-Based Platform to Support Digital-Identity-Aware Service Accountability
Appl. Sci. 2021, 11(1), 165; https://doi.org/10.3390/app11010165 - 26 Dec 2020
Cited by 2 | Viewed by 787
Abstract
Accountability refers to the need of individuals or organizations to account for their activities, accept responsibility, and disclose results in a transparent manner. Nowadays, the pervasivity of digital systems is making increasingly critical security, reliability, and trustworthiness of such services. When a service [...] Read more.
Accountability refers to the need of individuals or organizations to account for their activities, accept responsibility, and disclose results in a transparent manner. Nowadays, the pervasivity of digital systems is making increasingly critical security, reliability, and trustworthiness of such services. When a service is delivered by involving different (eventually conflicting) parties, accountability could be achieved by including in digital transactions a trusted third party (TTP). Blockchain decentralizes trust, thus avoiding to rely on a single TTP. However, to deal with accountability in concrete solutions, the issue of securely integrating digital identity and Blockchain should be solved. The paper describes the results of a three-year research project merging academic and industrial expertise, to design and implement a Blockchain-based platform for service accountability integrating eIDAS-compliant Public Digital Identity. The platform has been used in several real-life contexts made available by industrial project partners, which demonstrated the effectiveness and novelty of the solution. Full article
(This article belongs to the Special Issue Cybersecurity)
Show Figures

Figure 1

Article
Detecting Colluding Inter-App Communication in Mobile Environment
Appl. Sci. 2020, 10(23), 8351; https://doi.org/10.3390/app10238351 - 24 Nov 2020
Cited by 1 | Viewed by 448
Abstract
The increase in computing capabilities of mobile devices has, in the last few years, made possible a plethora of complex operations performed from smartphones and tablets end users, for instance, from a bank transfer to the full management of home automation. Clearly, in [...] Read more.
The increase in computing capabilities of mobile devices has, in the last few years, made possible a plethora of complex operations performed from smartphones and tablets end users, for instance, from a bank transfer to the full management of home automation. Clearly, in this context, the detection of malicious applications is a critical and challenging task, especially considering that the user is often totally unaware of the behavior of the applications installed on their device. In this paper, we propose a method to detect inter-app communication i.e., a colluding communication between different applications with data support to silently exfiltrate sensitive and private information. We based the proposed method on model checking, by representing Android applications in terms of automata and by proposing a set of logic properties to reduce the number of comparisons and a set of logic properties automatically generated for detecting colluding applications. We evaluated the proposed method on a set of 1092 Android applications, including different colluding attacks, by obtaining an accuracy of 1, showing the effectiveness of the proposed method. Full article
(This article belongs to the Special Issue Cybersecurity)
Show Figures

Figure 1

Article
Call Graph and Model Checking for Fine-Grained Android Malicious Behaviour Detection
Appl. Sci. 2020, 10(22), 7975; https://doi.org/10.3390/app10227975 - 10 Nov 2020
Cited by 4 | Viewed by 589
Abstract
The increasing diffusion of mobile devices, widely used for critical tasks such as the transmission of sensitive and private information, corresponds to an increasing need for methods to detect malicious actions that can undermine our data. As demonstrated in the literature, the signature-based [...] Read more.
The increasing diffusion of mobile devices, widely used for critical tasks such as the transmission of sensitive and private information, corresponds to an increasing need for methods to detect malicious actions that can undermine our data. As demonstrated in the literature, the signature-based approach provided by antimalware is not able to defend users from new threats. In this paper, we propose an approach based on the adoption of model checking to detect malicious families in the Android environment. We consider two different automata representing Android applications, based respectively on Control Flow Graphs and Call Graphs. The adopted graph data structure allows to detect potentially malicious behaviour and also localize the code where the malicious action happens. We experiment the effectiveness of the proposed method evaluating more than 3000 real-world Android samples (with 2552 malware belonging to 21 malicious family), by reaching an accuracy ranging from 0.97 to 1 in malicious family detection. Full article
(This article belongs to the Special Issue Cybersecurity)
Show Figures

Figure 1

Article
A Secure and Efficient Group Key Management Scheme for Clusters of String Inverters
Appl. Sci. 2020, 10(21), 7900; https://doi.org/10.3390/app10217900 - 07 Nov 2020
Viewed by 648
Abstract
A string inverter converts the low voltage direct current coming from the string of its Photovoltaic (PV) panels into alternating current to be exported to the grid. In today Smart Grid’s context, PV plants feature clusters of cooperating smart string inverters that exchange [...] Read more.
A string inverter converts the low voltage direct current coming from the string of its Photovoltaic (PV) panels into alternating current to be exported to the grid. In today Smart Grid’s context, PV plants feature clusters of cooperating smart string inverters that exchange information in a multicast fashion (typically) over the Internet Protocol (IP). However, IP multicast does not provide any mechanism to limit the access to multicast data to authorized subjects only. A security infringement may cause a cluster either into exporting no energy into the grid (zero energy attack) or more energy than the limit set (energy overflow attack). Both the attacks can lead to potential severe consequences. In this regard, we are the first addressing those issues. Particularly, we propose a Key Management Service (KMS) for group key generation and distribution. The KMS provides forward secrecy and periodic refresh. We implement a prototype on a cluster of Power-One Italy S.p.A. a member of FIMER Group smart string inverters and evaluate the performance. Experimental results indicate that the scheme scales up to clusters composed of 50 inverters with an efficiency of 90.5% in terms of latency for group key distribution and 99% in terms of memory overhead. Full article
(This article belongs to the Special Issue Cybersecurity)
Show Figures

Figure 1

Article
Cyber Resilience Progression Model
Appl. Sci. 2020, 10(21), 7393; https://doi.org/10.3390/app10217393 - 22 Oct 2020
Cited by 1 | Viewed by 609
Abstract
Due to the hazardous current cyber environment, cyber resilience is more necessary than ever. Companies are exposed to an often-ignored risk of suffering a cyber incident. This places cyber incidents as one of the main risks for companies in the past few years. [...] Read more.
Due to the hazardous current cyber environment, cyber resilience is more necessary than ever. Companies are exposed to an often-ignored risk of suffering a cyber incident. This places cyber incidents as one of the main risks for companies in the past few years. On the other hand, the literature meant to aid on the operationalization of cyber resilience is mostly focused on listing the policies required to operationalize it, but is often lacking on how to prioritize these actions and how to strategize their implementation. Therefore, the usage of the current literature in this state is not optimal for companies. Thus, this study proposes a progression model to help companies strategize and prioritize cyber resilience policies by proposing the natural evolution of the policies over time. To develop the model, this study used semi-structured interviews and an analysis of the data obtained from the interviews. Through this methodology, this study found the starting points for each cyber resilience policy and their natural progression over time. These results can help companies in their cyber resilience building process by giving them insights on how to strategize the implementation of the cyber resilience policies. Full article
(This article belongs to the Special Issue Cybersecurity)
Show Figures

Figure 1

Article
Intelligent Detection of IoT Botnets Using Machine Learning and Deep Learning
Appl. Sci. 2020, 10(19), 7009; https://doi.org/10.3390/app10197009 - 08 Oct 2020
Cited by 2 | Viewed by 1213
Abstract
As the number of Internet of Things (IoT) devices connected to the network rapidly increases, network attacks such as flooding and Denial of Service (DoS) are also increasing. These attacks cause network disruption and denial of service to IoT devices. However, a large [...] Read more.
As the number of Internet of Things (IoT) devices connected to the network rapidly increases, network attacks such as flooding and Denial of Service (DoS) are also increasing. These attacks cause network disruption and denial of service to IoT devices. However, a large number of heterogenous devices deployed in the IoT environment make it difficult to detect IoT attacks using traditional rule-based security solutions. It is challenging to develop optimal security models for each type of the device. Machine learning (ML) is an alternative technique that allows one to develop optimal security models based on empirical data from each device. We employ the ML technique for IoT attack detection. We focus on botnet attacks targeting various IoT devices and develop ML-based models for each type of device. We use the N-BaIoT dataset generated by injecting botnet attacks (Bashlite and Mirai) into various types of IoT devices, including a Doorbell, Baby Monitor, Security Camera, and Webcam. We develop a botnet detection model for each device using numerous ML models, including deep learning (DL) models. We then analyze the effective models with a high detection F1-score by carrying out multiclass classification, as well as binary classification, for each model. Full article
(This article belongs to the Special Issue Cybersecurity)
Show Figures

Figure 1

Article
Efficient Distributed Preprocessing Model for Machine Learning-Based Anomaly Detection over Large-Scale Cybersecurity Datasets
Appl. Sci. 2020, 10(10), 3430; https://doi.org/10.3390/app10103430 - 15 May 2020
Cited by 3 | Viewed by 963
Abstract
New computational and technological paradigms that currently guide developments in the information society, i.e., Internet of things, pervasive technology, or Ubicomp, favor the appearance of new intrusion vectors that can directly affect people’s daily lives. This, together with advances in techniques and methods [...] Read more.
New computational and technological paradigms that currently guide developments in the information society, i.e., Internet of things, pervasive technology, or Ubicomp, favor the appearance of new intrusion vectors that can directly affect people’s daily lives. This, together with advances in techniques and methods used for developing new cyber-attacks, exponentially increases the number of cyber threats which affect the information society. Because of this, the development and improvement of technology that assists cybersecurity experts to prevent and detect attacks arose as a fundamental pillar in the field of cybersecurity. Specifically, intrusion detection systems are now a fundamental tool in the provision of services through the internet. However, these systems have certain limitations, i.e., false positives, real-time analytics, etc., which require their operation to be supervised. Therefore, it is necessary to offer architectures and systems that favor an efficient analysis of the data handled by these tools. In this sense, this paper presents a new model of data preprocessing based on a novel distributed computing architecture focused on large-scale datasets such as UGR’16. In addition, the paper analyzes the use of machine learning techniques in order to improve the response and efficiency of the proposed preprocessing model. Thus, the solution developed achieves good results in terms of computer performance. Finally, the proposal shows the adequateness of decision tree algorithms for training a machine learning model by using a large dataset when compared with a multilayer perceptron neural network. Full article
(This article belongs to the Special Issue Cybersecurity)
Show Figures

Figure 1

Review

Jump to: Research

Review
Understanding Server Authentication in WPA3 Enterprise
Appl. Sci. 2020, 10(21), 7879; https://doi.org/10.3390/app10217879 - 06 Nov 2020
Viewed by 534
Abstract
In December 2019, the Wi-Fi Alliance published version 2 of WPA3, the new certification program for Wi-Fi devices that updates WPA2. This new version of WPA3 addresses, amongst other things, one of the crucial weaknesses of WPA2: in many practical deployments of enterprise [...] Read more.
In December 2019, the Wi-Fi Alliance published version 2 of WPA3, the new certification program for Wi-Fi devices that updates WPA2. This new version of WPA3 addresses, amongst other things, one of the crucial weaknesses of WPA2: in many practical deployments of enterprise Wi-Fi networks—i.e., networks in which users have personalized credentials—a device may easily be attacked by fraudulent access points claiming to have the name of the targeted network (evil twins). In this work, we present the mechanisms that WPA3 version 2 has introduced for mitigating these risks, which have become more and more relevant in recent years. We discuss the defensive power and potential impact of the various options available. Understanding the resulting scenario is important because WPA3 will determine the behavior of such a fundamental and widespread technology as enterprise Wi-Fi for many years, yet WPA3 enterprise networks may still be configured in a way that could not provide much better defensive power than WPA2. Full article
(This article belongs to the Special Issue Cybersecurity)
Show Figures

Figure 1

Back to TopTop